Re: general protection fault in lo_ioctl (2)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Dmitry Vyukov <dvyukov@xxxxxxxxxx>, syzbot <syzbot+bf89c128e05dd6c62523@xxxxxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: general protection fault in lo_ioctl (2)
From: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>
Date: Tue, 8 May 2018 05:56:15 +0900
Cc: Jens Axboe <axboe@xxxxxxxxx>, linux-block@xxxxxxxxxxxxxxx, LKML <linux-kernel@xxxxxxxxxxxxxxx>, syzkaller-bugs <syzkaller-bugs@xxxxxxxxxxxxxxxx>, "Theodore Ts'o" <tytso@xxxxxxx>
In-reply-to: <CACT4Y+bTo34q4=7X8zGL_XVOGoYd7fqhfAbCAWUxsr-N96Kyxw@mail.gmail.com>
References: <000000000000cbaaf6056b341859@google.com> <CACT4Y+bTo34q4=7X8zGL_XVOGoYd7fqhfAbCAWUxsr-N96Kyxw@mail.gmail.com>
User-agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0

On 2018/05/02 20:23, Dmitry Vyukov wrote:
> #syz dup: INFO: rcu detected stall in blkdev_ioctl

The cause of stall turned out to be ioctl(loop_fd, LOOP_CHANGE_FD, loop_fd).

But we haven't explained the cause of NULL pointer dereference which can
occur when raced with ioctl(LOOP_CLR_FD). Therefore,

#syz undup

Follow-Ups:
- Re: general protection fault in lo_ioctl (2)
  - From: Tetsuo Handa

References:
- general protection fault in lo_ioctl (2)
  - From: syzbot
- Re: general protection fault in lo_ioctl (2)
  - From: Dmitry Vyukov

Prev by Date: Re: [PATCH] loop: add recursion validation to LOOP_CHANGE_FD
Next by Date: [PATCH 0/7] psi: pressure stall information for CPU, memory, and IO
Previous by thread: Re: general protection fault in lo_ioctl (2)
Next by thread: Re: general protection fault in lo_ioctl (2)
Index(es):
- Date
- Thread

[Index of Archives] [Linux RAID] [Linux SCSI] [Linux ATA RAID] [IDE] [Linux Wireless] [Linux Kernel] [ATH6KL] [Linux Bluetooth] [Linux Netdev] [Kernel Newbies] [Security] [Git] [Netfilter] [Bugtraq] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Device Mapper]